FortiGuard Labs Threat Research

How a Malicious Excel File (CVE-2017-0199) Delivers the FormBook Payload

Read how a malicious Excel file exploits CVE-2017-0199 to deliver FormBook malware via phishing.

By Shiyin Lin June 05, 2025

Deep Dive into a Dumped Malware without a PE Header

Explore manual deployment of a PE header-corrupted malware in a controlled environment, its C2 communication, and actions performed on a compromised device.

By Xiaopeng Zhang and John Simmons May 29, 2025

Infostealer Malware FormBook Spread via Phishing Campaign – Part II

Learn how the FormBook payload operates on a compromised machine, including the complicated anti-analysis techniques employed by this variant.

By Xiaopeng Zhang May 27, 2025

Ransomware Roundup – VanHelsing

The VanHelsing ransomware was first identified in March 2025 and uses TOR sites for ransom negotiations and data leaks.

By Shunichi Imano and Fred Gutierrez May 16, 2025

Horabot Unleashed: A Stealthy Phishing Threat

FortiGuard Labs observed a phishing campaign "Horabot" resurfacing with a sophisticated multi-stage attack, blending phishing, credential theft, and propagation.

By Cara Lin May 12, 2025

Multilayered Email Attack: How a PDF Invoice and Geo-Fencing Led to RAT Malware

FortiGuard Labs highlights the increasing sophistication of a malware campaign's attack methodologies, which leverage the legitimate functionalities of remote administration tools for malicious purposes.

By Ran Mizrahi May 08, 2025

FortiGuard Incident Response Team Detects Intrusion into Middle East Critical National Infrastructure

The FortiGuard Incident Response (FGIR) team recently investigated a long-term cyber intrusion targeting critical national infrastructure (CNI) in the Middle East, attributed to an Iranian state-sponsored threat group.

Key Takeaways from the 2025 Global Threat Landscape Report

Read how the adversary advantage is accelerating, which means organizations must change how they measure and manage risk.

IngressNightmare: Understanding CVE-2025-1974 in Kubernetes Ingress-NGINX

Get an overview of how CVE-2025-1974 works, a proof-of-concept demo of the exploit, and outlined mitigations and detection strategies.

By Jamie Mcmurray April 23, 2025

Infostealer Malware FormBook Spread via Phishing Campaign – Part I

FortiGuard Labs observed a phishing campaign in the wild that delivered a malicious Word document as an attachment.

By Xiaopeng Zhang April 22, 2025